cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
remm2005/09/22 10:20:21 Modified:webapps/docs changelog.xml catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java Log: - 34749: jsessionid dropped on trailing slash (/) redirect. Revision ChangesPath 1.379 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml Index: changelog.xml === RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v retrieving revision 1.378 retrieving revision 1.379 diff -u -r1.378 -r1.379 --- changelog.xml 22 Sep 2005 14:21:18 - 1.378 +++ changelog.xml 22 Sep 2005 17:20:21 - 1.379 @@ -70,6 +70,9 @@ 35609: service.bat echo command when wrong arguments given [patch by Robert Longson] (yoavs) + +34749: jsessionid dropped on trailing slash (/) redirect (remm) + 1.10 +7 -1 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java Index: CoyoteAdapter.java === RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- CoyoteAdapter.java30 Apr 2005 03:32:43 - 1.9 +++ CoyoteAdapter.java22 Sep 2005 17:20:21 - 1.10 @@ -305,6 +305,12 @@ if (!redirectPathMB.isNull()) { String redirectPath = redirectPathMB.toString(); String query = request.getQueryString(); +if (request.isRequestedSessionIdFromURL()) { +// This is not optimal, but as this is not very common, it +// shouldn't matter +redirectPath = redirectPath + ";jsessionid=" ++ request.getRequestedSessionId(); +} if (query != null) { // This is not optimal, but as this is not very common, it // shouldn't matter - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
>>Actually, in the case of a JSP, we're dealing w/ JspServlet, which is an >>instance of HttpServlet. >> >>I've changed the code to return a constant set of methods if the servlet >>is not an instance of HttpServlet, avoiding the NPE. :) >> > > > My bad. I should pay more attention to Jasper :). > > However, a JSP page still will return 'Allow: OPTIONS' after all of this > work :). Yes, but you'll get a more useful reply for any custom HttpServlets. ;-) Notice that what the patch does is return the same methods that OPTIONS would have returned in the Allow response header, minus the disabled TRACE. Since the HTTP spec requires that the Allow header should reflect the capabilities of the requested resource, I think it is a good idea to follow it as much as we can. It's not like we're adding tons of code in order to achieve this. :) Jan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
- Original Message - From: "Jan Luehe" <[EMAIL PROTECTED]> To: "Tomcat Developers List" <[EMAIL PROTECTED]> Sent: Thursday, October 28, 2004 9:45 AM Subject: Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java > Bill, > > Bill Barker wrote: > > <[EMAIL PROTECTED]> wrote in message > > news:[EMAIL PROTECTED] > > > >>luehe 2004/10/27 15:58:17 > >> > >> + > >> +private Method[] getAllDeclaredMethods(Class c) { > >> + > >> +if (c.equals(javax.servlet.http.HttpServlet.class)) { > >> +return null; > >> +} > >> + > >> +Method[] parentMethods = > >>getAllDeclaredMethods(c.getSuperclass()); > > > > > > If the servlet isn't a HttpServlet (e.g. it's a JSP page) then this will > > recurse down to j.l.Object, when c.getSuperClass will return 'null', and you > > will get an NPE from the 'c.equals' line. > > Actually, in the case of a JSP, we're dealing w/ JspServlet, which is an > instance of HttpServlet. > > I've changed the code to return a constant set of methods if the servlet > is not an instance of HttpServlet, avoiding the NPE. :) > My bad. I should pay more attention to Jasper :). However, a JSP page still will return 'Allow: OPTIONS' after all of this work :). > Thanks, > > Jan > > > > IMHO, this patch is an overly complex way to try and determine something > > that isn't determinable under the servlet spec (again, think JSP page :). > > You might as well just set the Allow header to any old constant set of > > methods. > > > > > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > This message is intended only for the use of the person(s) listed above as the intended recipient(s), and may contain information that is PRIVILEGED and CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or distribute this message or any attachment. If you received this communication in error, please notify us immediately by e-mail and then delete all copies of this message and any attachments. In addition you should be aware that ordinary (unencrypted) e-mail sent through the Internet is not secure. Do not send confidential or sensitive information, such as social security numbers, account numbers, personal identification numbers and passwords, to us via ordinary (unencrypted) e-mail. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
Bill, Bill Barker wrote: > <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] > >>luehe 2004/10/27 15:58:17 >> >> + >> +private Method[] getAllDeclaredMethods(Class c) { >> + >> +if (c.equals(javax.servlet.http.HttpServlet.class)) { >> +return null; >> +} >> + >> +Method[] parentMethods = >>getAllDeclaredMethods(c.getSuperclass()); > > > If the servlet isn't a HttpServlet (e.g. it's a JSP page) then this will > recurse down to j.l.Object, when c.getSuperClass will return 'null', and you > will get an NPE from the 'c.equals' line. Actually, in the case of a JSP, we're dealing w/ JspServlet, which is an instance of HttpServlet. I've changed the code to return a constant set of methods if the servlet is not an instance of HttpServlet, avoiding the NPE. :) Thanks, Jan > IMHO, this patch is an overly complex way to try and determine something > that isn't determinable under the servlet spec (again, think JSP page :). > You might as well just set the Allow header to any old constant set of > methods. > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
Bill Barker wrote: <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] luehe 2004/10/27 15:58:17 + +private Method[] getAllDeclaredMethods(Class c) { + +if (c.equals(javax.servlet.http.HttpServlet.class)) { +return null; +} + +Method[] parentMethods = getAllDeclaredMethods(c.getSuperclass()); If the servlet isn't a HttpServlet (e.g. it's a JSP page) then this will recurse down to j.l.Object, when c.getSuperClass will return 'null', and you will get an NPE from the 'c.equals' line. IMHO, this patch is an overly complex way to try and determine something that isn't determinable under the servlet spec (again, think JSP page :). You might as well just set the Allow header to any old constant set of methods. I agree being lazy has its good points: "Allow: GET, HEAD, POST" would be good enough for me :) I don't like cut & pasting so much code :( Rémy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
<[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > luehe 2004/10/27 15:58:17 > > + > +private Method[] getAllDeclaredMethods(Class c) { > + > +if (c.equals(javax.servlet.http.HttpServlet.class)) { > +return null; > +} > + > +Method[] parentMethods = > getAllDeclaredMethods(c.getSuperclass()); If the servlet isn't a HttpServlet (e.g. it's a JSP page) then this will recurse down to j.l.Object, when c.getSuperClass will return 'null', and you will get an NPE from the 'c.equals' line. IMHO, this patch is an overly complex way to try and determine something that isn't determinable under the servlet spec (again, think JSP page :). You might as well just set the Allow header to any old constant set of methods. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
luehe 2004/10/27 15:58:17 Modified:catalina/src/share/org/apache/catalina/core StandardWrapper.java catalina/src/share/org/apache/catalina Wrapper.java catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java Log: If TRACE has been disabled, return appropriate error code (405, instead of the current 403) and include Allow header in response, in order to comply with HTTP 1.1 spec: 10.4.6 405 Method Not Allowed The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource. Revision ChangesPath 1.54 +69 -2 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardWrapper.java Index: StandardWrapper.java === RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardWrapper.java,v retrieving revision 1.53 retrieving revision 1.54 diff -u -r1.53 -r1.54 --- StandardWrapper.java 26 Oct 2004 21:55:43 - 1.53 +++ StandardWrapper.java 27 Oct 2004 22:58:17 - 1.54 @@ -17,11 +17,12 @@ package org.apache.catalina.core; - +import java.lang.reflect.Method; import java.io.PrintStream; import java.util.ArrayList; import java.util.Enumeration; import java.util.HashMap; +import java.util.HashSet; import java.util.Stack; import java.security.AccessController; import java.security.PrivilegedActionException; @@ -551,6 +552,44 @@ } +/** + * Gets the names of the methods supported by the underlying servlet. + * + * This is the same set of methods included in the Allow response header + * in response to an OPTIONS request method processed by the underlying + * servlet. + * + * @return Array of names of the methods supported by the underlying + * servlet + */ +public String[] getServletMethods() throws ServletException { + +HashSet allow = new HashSet(); +allow.add("TRACE"); +allow.add("OPTIONS"); + +Method[] methods = getAllDeclaredMethods(loadServlet().getClass()); +for (int i=0; methods != null && i 0)) { +Method[] allMethods = +new Method[parentMethods.length + thisMethods.length]; + System.arraycopy(parentMethods, 0, allMethods, 0, + parentMethods.length); + System.arraycopy(thisMethods, 0, allMethods, parentMethods.length, + thisMethods.length); + + thisMethods = allMethods; + } + + return thisMethods; } 1.6 +14 -1 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Wrapper.java Index: Wrapper.java === RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Wrapper.java,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- Wrapper.java 26 May 2004 15:28:42 - 1.5 +++ Wrapper.java 27 Oct 2004 22:58:17 - 1.6 @@ -132,6 +132,19 @@ /** + * Gets the names of the methods supported by the underlying servlet. + * + * This is the same set of methods included in the Allow response header + * in response to an OPTIONS request method processed by the underlying + * servlet. + * + * @return Array of names of the methods supported by the underlying + * servlet + */ +public String[] getServletMethods() throws ServletException; + + +/** * Is this servlet currently unavailable? */ public boolean isUnavailable(); 1.8 +32 -13 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java Index: CoyoteAdapter.java === RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- CoyoteAdapter.java19 Oct 2004 15:28:13 - 1.7 +++ CoyoteAdapter.java27 Oct 2004 22:58:17 - 1.8 @@ -171,10 +171,11 @@ * Parse additional request parameters. */ protected boolean postParseRequest(org.apache.coyote.Request req, -Request request, -org.apache.coyote.Response res, -Response response) -th
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
remm2004/10/19 08:28:13 Modified:catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java Log: - Optimize session IDs conversion to String. Revision ChangesPath 1.7 +28 -1 jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java Index: CoyoteAdapter.java === RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- CoyoteAdapter.java4 Oct 2004 09:25:11 - 1.6 +++ CoyoteAdapter.java19 Oct 2004 15:28:13 - 1.7 @@ -366,6 +366,7 @@ // Override anything requested in the URL if (!request.isRequestedSessionIdFromCookie()) { // Accept only the first session id cookie +convertMB(scookie.getValue()); request.setRequestedSessionId (scookie.getValue().toString()); request.setRequestedSessionCookie(true); @@ -376,6 +377,7 @@ } else { if (!request.isRequestedSessionIdValid()) { // Replace the session id until one is valid +convertMB(scookie.getValue()); request.setRequestedSessionId (scookie.getValue().toString()); } @@ -432,6 +434,31 @@ cbuf[i] = (char) (bbuf[i + start] & 0xff); } uri.setChars(cbuf, 0, bc.getLength()); + +} + + +/** + * Character conversion of the a US-ASCII MessageBytes. + */ +protected void convertMB(MessageBytes mb) { + +// This is of course only meaningful for bytes +if (mb.getType() != MessageBytes.T_BYTES) +return; + +ByteChunk bc = mb.getByteChunk(); +CharChunk cc = mb.getCharChunk(); +cc.allocate(bc.getLength(), -1); + +// Default encoding: fast conversion +byte[] bbuf = bc.getBuffer(); +char[] cbuf = cc.getBuffer(); +int start = bc.getStart(); +for (int i = 0; i < bc.getLength(); i++) { +cbuf[i] = (char) (bbuf[i + start] & 0xff); +} +mb.setChars(cbuf, 0, bc.getLength()); } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]